Samsung’s convergence calculation goes like this. Routing + switching + VoIP + security = 1 — One box, one management interface, one architecture. Last month the Korean electronics giant introduced the U.S. enterprise networking market to Samsung’s new math with the Ubigate iBG Series all-in-one enterprise networking platform for SMBs.

Ubigate begs the question: does the world really need another box?

That’s a simplistic and narrow view, according to Samsung Director of North American Enterprise Networks Lynn Tinney. Ubigate, Tinney explains, is a foundation for converged communications.

“When you speak to customers, they’re speaking about investments: how can I make network operation more efficient. It’s not like they woke up one morning and wanted convergence. It’s coming more gradually, in terms of wise investment, pushed by [the need for] making end users more productive, getting more for their investment.”

To meet these perennial business objectives, the infrastructure has to be in place to serve up what end users need. But while big companies have many choices in today’s market, SMBs have a limited range of options.

“To reach an SMB market, you have to recognize that you’re putting a lot of functionality on a single box,” says Tinney. “It’s risky on the low end but cost makes it a bad financial decision on the high end.”

In other words, when you have a dominant market player — that would be Cisco, the elephant in this particular room — all solutions entail sizable compromises for customers.

Enter Samsung Ubigate iBG.

“We recognize that in the SMB market Samsung could develop a box that offered some clear advantages,” explains Tinney.

The first place Samsung hopes customers will work the new math is in their costs. To start, Ubigate pricing is about 30 percent less than its “nearest competitor,” according to Tinney. Further, cost of ownership goes down as well, Tinney says, with less equipment and a single, browser-based network management interface. “Business gateways are new corner stones for any infrastructure, Samsung’s Ubigate can consolidate three or four boxes to one.”

Reliability is another part of the calculus that Tinney says makes a convincing argument for the Ubigate.

“Samsung’s long history of outstanding engineering delivers its worth to customers. They can feel confident Samsung brings to market a well engineered and tested solution. The Ubigate is built for redundant power supply to further ensure network reliability,” Tinney says, adding,”If there’s a flaw in it anywhere, it’s that it’s over-engineered.”

Finally, Samsung is also aiming to change the security versus performance equation.

“Security is often the feature that end users either have to sacrifice to maintain performance or accept slower processing speeds to keep the security levels,” explains Tinney. “With Ubigate, the customer can have AV, IDS, IPS, etc. without giving up on performance. Although I doubt the Ubigate will be looked at for only security, this is a critical benefit that goes to significant TCO and ROI.”

Finally, Samsung’s acknowledged expertise in the consumer market will give the Ubigate an additional market advantage, Tinney says.

“Strategic decision makers recognize that the end user is a consumer. Understanding the consumer is an advantage as we design our product. We understand that single user’s perspective.”

So how does that elephant in the room figure in Samsung’s math?

“It’s one thing to go out and buy a tennis racquet,” she says. “It’s another thing to learn how to play.”

In life it’s often the small stuff that makes the biggest difference. Virtual Hold Technology has taken on a gripe we all have – waiting on hold. While the company’s eponymous system can’t eliminate the wait, it makes it easier by holding your place in line while you hang up and get on with your life. When you’re at the head of the list, the system calls you up. The company sells the technology to contact centers, promoting its ability to increase customer satisfaction and reducing costs.

Working on the theory that all of us together are smarter than each of us alone, yesterday Polycom announced the Polycom ARENA “ecosystem,” a collaboration platform that will let partners develop, test and certify interoperability between their solutions and the Polycom voice, video and content collaborative solutions.

AT&T is getting into the mobile video game with AT&T Video Share, which lets users to share live video concurrently with voice calls. The service sounds like a true Age of IP service. But the billing is strictly Ma Bell. AT&T is offering Video Share for $4.99 per month for 25 minutes of usage, or $9.99 for 60 minutes. Not so bad, you say. Well every minute after that is 35 cents.

Unlike baseball, in IPTV the three strikes rule doesn’t hold apparently, with Microsoft debuting its fourth — or is it sixth? — IPTV brand, Mediaroom. Scott Fulton of BetaNews offers an analysis.

Be afraid, be very afraid is the message of Sipera VIPER Lab’s threat advisory for SIP-based soft phones from AOL(R), Avaya, MSN(R) and Nortel(TM), and Avaya SIP-based hard phones.

Sun Microsystems and Mitel are getting cozy with an agreement to integrate Mitel’s call management software into Sun servers. One objective is to make it easier to converge voice and data applications.

Right up front I’m going to confess to a bias.

I’ve been following security startup Bharosa for a couple of years. The three year-old company makes its home in my hometown, Santa Clara, CA. It used to have its office right next door to the community newspaper, The Santa Clara Weekly, where I do my non-technology writing.

The guys at Bharosa are nice guys — the name means “trust” in Hindi. They spent a lot of time showing me how their software worked and explaining it in terms that make sense to the most tech-averse person. To test it they invited the technology-skeptical publisher of the Weekly to try it out. And they always give me a heads up on news.

Like I said, I’m a fan.

So when I read recently that small businesses have big reservations about the security of VoIP, and that SPIT (Spam over Internet telephony) is one of the Internet’s most-searched terms at the moment, I called Jon Fisher, Bharosa’s CEO, to chat about it.

Bharosa has gained a significant following by protecting online transactions with Web-based software that uses images to scramble and encode information entered through a website.

Because the software runs on the server, not the site visitor’s PC, online businesses can ensure transaction security without relying on software or equipment on the customer’s end. In most cases the end user is unaware of it.

Because the information is scrambled differently every time and only the server has the key to deciphering it, fraudsters are blocked in their attempts to collect sensitive account information The beauty of the Bharosa approach is that even if fraudsters intercept the transaction with keylogging spyware, the data they collect is unusable.

“The way to systematically protect against scammers,” Fisher says, “is with an additional piece of information required to authorize the transaction – information that doesn’t exist in discernable form to be used for fraud.”

Now Bharosa is turning its attention to security for transactions that originate on a phone.

“In the last five years, with malware, phishing, pharming the Internet became completely vulnerable,” Fisher says. “All attacks that can happen to passwords can be transferred to other markets.”

Just as mail servers can be turned into spam zombies, servers running a phone system can be turned into SPIT zombies. And the potential target is huge.

“There are more than a billion cell phones in use,” Fisher continues. “The more people are doing business over the phone, the greater the security risk.

In other words, convergence is not always a good thing. The brave new world of mobile applications opens up a whole new constellation of opportunities for fraudsters. And Bharosa aims to be out in front of the bad guys here as well.

The company has carried over its encryption model to the phone. Instead of using images, the software uses pre-recorded sounds to authorize transactions.

Why not voice recognition? Factors as varied as poor sound quality to having a cold can interfere with the transaction, Fisher explains. Plus, there are logistical problems.

To use voice authentication, each user has to be recorded. If you have a million customers, all of them have to record their voices before they can do a transaction.

With Bharosa’s method organizations can simply pre-package tones and distribute them to customers instantly. It doesn’t matter if you have ten users or ten million.

It’s all part of Bharosa’s creative approach.

“We want to solve problems in innovative ways,” Fisher says. “We want to be a nimble company that attracts the best customers.”

So far Bharosa seems to be succeeding. The company’s software is getting thumbs up from some heavy hitters including the U.S. Air Force, UCSF Medical Center and Wells Fargo bank. The company recently signed partnership agreements with Oracle and Microsoft. Fisher estimates that about 20 million people worldwide are currently using Bharosa’s security software.

“The fraudsters are getting more sophisticated every day,” he notes, “so it’s critical that security solutions are more flexible and adaptive in order to always be a few steps ahead of the threats.”

We can’t put the genie back in the bottle, but it seems to me that the Voice over IP (VoIP) industry is in need of security training and improvements.

There’s been much noise over VoIP security lately, though not much of the what’s been voiced is new or innovative. Much of it just parrots old advice: segment the network traffic and install a VoIP firewall.

The fact that VoIP security discussions haven’t advanced much beyond what applies to ordinary networking is a sign that a lot of new education is needed.

Some think education alone is not enough. For example, Stephen Northcutt, Director of Training and Certification for the SANS Institute, thinks that the whole technology needs a major overhaul.

“If I had my way, I would have the creators of VoIP stop everything and redesign this with security in mind from the get-go.” Northcutt said in a recent interview.

IT professionals need to understand the nature of the VoIP traffic on their networks. VoIP is much more than just another real-time LAN application and securing it requires broader security methods.

Overver the coming weeks, Voxilla will take a close look at VoIP security with our upcoming three part series on VoIP confidentiality, integrity, and availability.

And, we’ve launched a Voxilla forum dedicated to VoIP Security issues in hopes of fostering positive discussions over these issues. Come and visit

.

Maybe the Ebay/Skype personnel shuffle — Skype’s “nightmare before Christmas” as Om Malik called it — has to do with other people’s nightmares about what Skype might be doing to their networks.

While the controversy about Skype on academic networks has made the mainstream media in recent months, there’s also been a controversy brewing — mostly surfacing in the business press — about Skype use on business networks.

Back in 2005, Gartner Group was warning against Skype. And last May the industry analyst advised companies to “ditch” Skype because of its inherent security risks and the traffic that the peer-to-peer VoIP service puts through the network — even when no Skype calls are being made. Skype describes this as ’symbiotic” but corporate IT departments are more likely to use the word “parasitic.”

One major U.S. aerospace company is actively blocking the ports that carry Skype traffic and an employee of the company, who declined to be identified, says that other organizations are following suit. “Peer-to-peer is seen as a bad neighbor by corporate IT departments,” the employee says.

How risky is Skype? Consider this. Earlier this week, the Washington Post reported that the computer system at the Naval War College was brought down by what some believe to be Chinese hackers. And last summer the blogosphere was abuzz with reports that a Chinese company had cracked Skype’s proprietary protocol. The combination of the two could add up to a perfect storm — typhoon? — for corporate networks.

Last June, Bit9, a Cambridge, MA-based security firm listed Skype as Number 3 in its list of the top security risks in corporate environments. What took first place in this software rogues gallery? Firefox 1.5., with Apple iTunes 6.02 and Quicktime 7.0.3 tied in second place.